Write-ups
Check The Published Writeups
WDB | Title | Tags | Programs | Authors | Type | Publication | Added |
---|---|---|---|---|---|---|---|
3850 | Bypassing GitHub's OAuth flow | OAuth Authorization bypass | GitHub | Teddy Katz (@not_aardvark) | Bug Bounty | 2019-11-05 | 2023-06-13 |
3840 | How I accidentally took down GitHub Actions | DoS Commit Hash Collisions | GitHub | Teddy Katz (@not_aardvark) | Bug Bounty | 2019-11-12 | 2023-06-13 |
3813 | Exploiting padding oracles with fixed IVs | Padding oracle attack Account takeover | NA | Teddy Katz (@not_aardvark) | Bug Bounty | 2019-11-23 | 2023-06-13 |
2724 | Messing with GitHub's fork collaboration for fun and profit | Broken Access Control | GitHub | Teddy Katz (@not_aardvark) | Bug Bounty | 2021-03-10 | 2023-06-13 |
2709 | Stealing arbitrary GitHub Actions secrets | Logic flaw | GitHub | Teddy Katz (@not_aardvark) | Bug Bounty | 2021-03-17 | 2023-06-13 |
1787 | Stealing a few more GitHub Actions secrets | Logic flaw | GitHub | Teddy Katz (@not_aardvark) | Bug Bounty | 2022-02-23 | 2023-06-13 |